On Sat, 21 Aug 2004, AccuSpam wrote:
Does any one have anything substantive to say about SPF vs. SenderKeys?
I'm skeptical about the true viability of an MUA based system. Many of
the people who admin large email bases, (that I know of) use non-windows
based mail clients, often console based like Mutt, or Pine, and many use
Mac Mail. Another large group use web based email like Squirrel, or
IMP, for their own setups.
Are you going to provide the patches for all these different mail
clients to use SenderKeys? Or are those of us who use such "low
marketshare" clients left out in the cold?
It seems to me that the ratio of MTAs to MUA's is pretty low, so
that makes me think that an MTA based system, which is transparent to
the consumer, is the right way to go. Any changes are left to people
who are clueful enough to make the changes. For those small-shop
admins who don't have the experience to implement a solution themselves,
there are communities like this list in which there are a number of
people who are more than willing to help anyone implement a solution
that makes ALL of our lives better. Then you don't have to rely on
every one with a mail client to upgrade, especially in the far reaching
corners of the world where the bugdet and or expertise may not support
it.
I know of companies where the IT testing environment is so stringent,
that they still run Windows 98 on the desktop, because Windows XP has
not been certified for internal deployment yet.
Changes to MUAs requires *everybody* to upgrade their MUA. Changes to
MTAs require only service providers to upgrade. It will be similar to
the battle to have open relays closed.
You don't tell consumers to not use open relays... most have no idea
what that means. You tell sysadmins to close their relays or risk being
blackholed. Same here. You tell sysadmins publish SPF, or risk being
refused service everwhere that checks. The sysadmins will catch on when
they have to.
-Tim
--
There are 10 types of people on Earth. Those who understand binary, and those
who don't.